Skip to content

Commit

Permalink
Update Library Templates (automated)
Browse files Browse the repository at this point in the history
  • Loading branch information
actions-user committed Jun 20, 2024
1 parent 9d6f72b commit a7647f7
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,13 @@
"Deploy-VM-ChangeTrack",
"Deploy-VM-Monitoring",
"Deploy-vmArc-ChangeTrack",
"Deploy-vmHybr-Monitoring",
"Deploy-VMSS-ChangeTrack",
"Deploy-VMSS-Monitoring",
"Enable-AUM-CheckUpdates",
"Enable-DDoS-VNET",
"Enforce-AKS-HTTPS",
"Enforce-ASR",
"Enforce-GR-KeyVault",
"Enforce-TLS-SSL-H224"
],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,11 @@
"Deploy-VM-ChangeTrack",
"Deploy-VM-Monitoring",
"Deploy-vmArc-ChangeTrack",
"Deploy-vmHybr-Monitoring",
"Deploy-VMSS-ChangeTrack",
"Deploy-VMSS-Monitoring",
"Enable-AUM-CheckUpdates",
"Enforce-ASR",
"Enforce-GR-KeyVault"
],
"policy_definitions": [],
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
{
"type": "Microsoft.Authorization/policyAssignments",
"apiVersion": "2022-06-01",
"name": "Deploy-vmHybr-Monitoring",
"location": "${default_location}",
"dependsOn": [],
"identity": {
"type": "SystemAssigned"
},
"properties": {
"description": "Enable Azure Monitor for Hybrid Virtual Machines in the specified scope (Management group, Subscription or resource group).",
"displayName": "Enable Azure Monitor for Hybrid Virtual Machines",
"policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/2b00397d-c309-49c4-aa5a-f0b2c5bc6321",
"enforcementMode": "Default",
"nonComplianceMessages": [
{
"message": "Azure Monitor {enforcementMode} be enabled for Hybrid Virtual Machines."
}
],
"parameters": {
"dcrResourceId": {
"value": "${azure_monitor_data_collection_rule_vm_insights_resource_id}"
},
"enableProcessesAndDependencies": {
"value": true
}
},
"scope": "${current_scope_resource_id}",
"notScopes": []
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{
"type": "Microsoft.Authorization/policyAssignments",
"apiVersion": "2022-06-01",
"name": "Enforce-ASR",
"dependsOn": [],
"properties": {
"description": "This initiative assignment enables recommended ALZ guardrails for Azure Recovery Services.",
"displayName": "Enforce enhanced recovery and backup policies",
"policyDefinitionId": "${root_scope_resource_id}/providers/Microsoft.Authorization/policySetDefinitions/Enforce-Backup",
"enforcementMode": "Default",
"nonComplianceMessages": [
{
"message": "Recommended guardrails {enforcementMode} be enforced for Azure Recovery Services (Backup and Site Recovery)."
}
],
"scope": "${current_scope_resource_id}",
"notScopes": [],
"parameters": {}
},
"location": "${default_location}",
"identity": {
"type": "None"
}
}

0 comments on commit a7647f7

Please sign in to comment.